Forum Discussion

Altocumulus

Nov 08, 2020

SAML SESSION VARIABLE AND ATTRIBUTES

HI, I am currently setup on my APM to use SAML single sign on with Azure as my IDP and F5 APM as my SP. I want to assign resources to authenticated users based on their groups in azure. How do i repr...

application delivery

Azure

BIG-IP Access Policy Manager (APM)

cloud

Oreoluwa

Altocumulus

Nov 09, 2020

Hi Pete, thanks for your reply. From the link you posted, i see that this expression was said to be useful in the variable assign block which is in the VPE of the access per request policy. Is it possible to use this same expression the per session policy for the advanced resource assign expression box? Secondly, while using this expression to specify groups, is there any where in the SP, IDP connector settings of the SAML that i have to specify this attirbute value in the expression you posted. I am asking because i have seen a box in the IDP connector settings named identity attribute location and i wouldnt know what is required in that box in the idp connector setting.

Oreoluwa

Altocumulus

Nov 09, 2020

I am using APM to present a portal access of published applications to authenticated users. Users that will be authenticated with my existing azure AD service and with the existing MFA. Such that once i am authenticated, i see only the portal applications i am expected to see and not more and i can click on those applications without needing a reauthentication to them because of SSO configuration attached to the setup

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)